Re: [Full-disclosure] Hacking IPv6 Networks (slides)

They contain quite a few insights about IPv6 security, along with a number of practical examples.

Good stuff!

A few observations:

1. By prepending lots of extension headers to packets, it may be possible to exhaust router ASIC/TCAM capacity, causing the traffic in question to be punted to the RP and thus leading to a DoS condition.

2. The consonance of the English letters 'B', 'C', 'D', & 'E' is likely to result in untold billions of dollars of opex related to misconfigurations, outages, improper access policies contributing to security breaches, etc. Whenever possible, IPv6 address-/netblock-related information should be transmitted in written form, not verbally.

3. BGP and IGP mining can also be useful for hinted scanning.

4. The numerous instantiations of additional state being added to networks in the form of 6-to-4 gateways, CGNs, et. al. as a result of IPv4 address exhaustion and IPv6 transition greatly increases the DoS risk, as well. There's already far too much of this in the mobile/wireless world, resulting in numerous DoS conditions on those networks caused by portscans/hostscans/outbound & crossbound DDoS attacks initiated by botted hosts; now it's going to become even more common in the wireline world, as well.